CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

79 matches found

Positive Technologies•added 2026/06/16 12:0 a.m.•6 views

PT-2026-49882

Name of the Vulnerable Software and Affected Versions Oracle Fusion Middleware WebLogic Server versions 12.2.1.4.0 Oracle Fusion Middleware WebLogic Server versions 14.1.2.0.0 Description An issue in the Core component allows a low privileged attacker with network access via HTTP to compromise th...

8.8CVSS5.8AI score0.00402EPSS

Exploits0References5

CNNVD•added 2026/06/09 12:0 a.m.•8 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...

5.4CVSS5.1AI score0.00224EPSS

Exploits0References1

Positive Technologies•added 2026/06/09 12:0 a.m.•11 views

PT-2026-48080

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS5.4AI score0.00224EPSS

Exploits0References2

RedhatCVE•added 2026/06/05 7:38 p.m.•7 views

CVE-2026-34299

Vulnerability in the PeopleSoft Enterprise FIN Maintenance Management product of Oracle PeopleSoft component: Work Order Management. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft...

6.5CVSS7.3AI score0.00261EPSS

Exploits0References1

CVE•added 2026/05/14 2:27 p.m.•13 views

CVE-2026-41935

Vvveb

7.1CVSS5.8AI score0.00267EPSS

Exploits0References3

AstraLinux•added 2026/05/03 11:59 p.m.•5 views

Astra Linux – Vulnerability in openjdk-11

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: Security. The supported versions affected by this vulnerability are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9,...

4.7CVSS6.1AI score0.00411EPSS

Exploits0References2

Positive Technologies•added 2026/04/21 12:0 a.m.•2 views

PT-2026-34137

Name of the Vulnerable Software and Affected Versions Oracle Financial Services Analytical Applications Infrastructure versions 8.0.7.9, 8.0.8.7 and 8.1.2.5 Description An issue in the Platform component allows a low privileged attacker with network access via HTTP to compromise the system...

6.8CVSS7.2AI score0.00222EPSS

Exploits0References4

CNNVD•added 2026/04/21 12:0 a.m.•7 views

Oracle MySQL Server 安全漏洞

Oracle MySQL Server is a relational database management system developed by Oracle Corporation. There is a security vulnerability in Oracle MySQL Server, which stems from issues with the Server: Group Replication Plugin component. This vulnerability may allow attackers with low privileges to acce...

6.5CVSS7.2AI score0.00303EPSS

Exploits0References2

CVE•added 2026/03/11 2:19 a.m.•13 views

CVE-2026-21297

CVE-2026-21297 affects Adobe Commerce (Magento) versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier and is an Incorrect Authorization vulnerability that could bypass security features. A low-privileged attacker may gain limited unauthorized access to a feature, ...

4.3CVSS5.8AI score0.0035EPSS

Exploits0References1Affected Software1

ATTACKERKB•added 2026/01/15 8:28 p.m.•5 views

CVE-2026-21921

A Use After Free vulnerability in the chassis daemon chassisd of Juniper Networks Junos OS and Junos OS Evolved allows a network-based attacker authenticated with low privileges to cause a Denial-of-Service DoS. When telemetry collectors are frequently subscribing and unsubscribing to sensors...

7.1CVSS5.6AI score0.00335EPSS

Exploits0References3Affected Software2

EUVD•added 2025/12/10 9:31 p.m.•2 views

EUVD-2025-202545

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS5AI score0.00205EPSS

Exploits0References2

NVD•added 2025/12/10 7:16 p.m.•3 views

CVE-2025-64822

5.4CVSS0.00205EPSS

Exploits0References1

CNNVD•added 2025/12/10 12:0 a.m.•4 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

5.4CVSS5.8AI score0.00205EPSS

Exploits0References1

CNNVD•added 2025/12/10 12:0 a.m.•5 views

Adobe Experience Manager 跨站脚本漏洞

5.4CVSS5.7AI score0.00205EPSS

Exploits0References1

Snyk•added 2025/12/08 4:40 p.m.•2 views

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization when executing DeleteReaction. An attacker can remove reactions from other users' entries by sending crafted requests with low-level privileges and no authentication. Remediation Upgrade...

5.3CVSS6.8AI score0.00209EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2017-1777

Malware in sbrugna...

7.6CVSS7.8AI score0.01385EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-6889

Malware in sbrugna...

5.9CVSS6.9AI score0.00384EPSS

Exploits0References2